-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(metrics-operator): introduce insecureSkipTlsVerify parameter for prometheus metrics fetch #3742
base: main
Are you sure you want to change the base?
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #3742 +/- ##
==========================================
- Coverage 77.77% 77.73% -0.04%
==========================================
Files 219 219
Lines 11575 11580 +5
==========================================
Hits 9002 9002
- Misses 2210 2214 +4
- Partials 363 364 +1
... and 1 file with indirect coverage changes
Flags with carried forward coverage won't be shown. Click here to find out more. |
a8909c5
to
2c0c512
Compare
Hey @odubajDT I have modified the GetRoundTripper function to use a custom http.Transport with TLSClientConfig. |
911ac5e
to
97eef27
Compare
fb7ae3b
to
75b8a9f
Compare
d11663c
to
9f9211a
Compare
Signed-off-by: Bharadwajshivam28 <[email protected]>
94876c1
to
3a83d92
Compare
@@ -119,7 +119,8 @@ func Test_GetRoundtripper(t *testing.T) { | |||
name string | |||
provider metricsapi.KeptnMetricsProvider | |||
k8sClient client.Client | |||
want http.RoundTripper | |||
wantUser string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what is the reasoning behind this change? the function returns a roundtripper, therefore I would expect that instead of user and password
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you please elaborate on this? @odubajDT
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
my question is why you are expecting a user and password if the function you are testing is returning a roundtripper, it should in my opinion stay as it is, unless there is a reason for the change. This change seems to add significant complexity to the test, which is not needed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The thing is for the unit test without user and password it was failing so when I used user and password also it passed so I thought this way works when using user and password
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes the test is passing because now you are not checking the roundTripper correctly, please revert this and try to stick the the concept that is present unless there is a technical reason why it should be done differently
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @odubajDT
In this method Test_GetRoundtripper in common_test.go according to the current unit test it fails-
getRoundtripper() got = &{myuser mytoken 0x140005afb00}, want &{myuser mytoken 0x140001d7980}
because the comparison of RoundTripper instances is not working with reflect.DeepEqual.
so instead of comparing entire RoundTripper structs I check specific properties like wantUser, wantPass, and wantTLS instead of a complete want RoundTripper.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@odubajDT one way is that by creating mock HTTP server to capture and verify the actual request sent by the RoundTripper. Instead of checking the request directly. It covers the main scenarios of secret retrieval and the creation of an authenticated RoundTripper
I modified the test case and it passes
so can we move with this unit test approach?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess you need to adapt the expected outcome of the function, since you just added a parameter to the config, which has an impact on the resulting object
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can I create a new function in the common_test file?
Yes I understand that I need to adapt the changes in the test function but the thing without the mock method the test doesn't get adapted
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what you should do is to set/unset the parameter in the metricProvider and expect it to be set/unset in the resulting roundtripper in the test. Not many changes are needed and I don't think another test function is needed here. You just need to duplicate and slightly adapt the test cases that are present
}, | ||
}, | ||
k8sClient: fake.NewClient(goodsecret), | ||
want: config.NewBasicAuthRoundTripper("myuser", "mytoken", "", "", promapi.DefaultRoundTripper), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why are you expecting defaultRoundTripper if you have modified it in the code?
06a7d81
to
100e353
Compare
// if !reflect.DeepEqual(got, tt.want) { | ||
// t.Errorf("getRoundtripper() got = %v, want %v", got, tt.want) | ||
// } | ||
if tr, ok := got.(*http.Transport); ok { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the insecureSkipVerify is not the only parameter that should be tested here, please test also the user and the password of the round tripper
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@odubajDT I have made the changes please verify it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
still only a single parameter is verified here, what about user/password and other parameters set in the struct?
if !tt.wantErr && got == nil { | ||
t.Errorf("getRoundtripper() returned nil, expected a RoundTripper") | ||
} | ||
// if !reflect.DeepEqual(got, tt.want) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please remove this commented part if it's not needed
@@ -4,7 +4,7 @@ import ( | |||
"context" | |||
"net/http" | |||
"net/http/httptest" | |||
"reflect" | |||
// "reflect" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please remove
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please singoff your commits to pass the DCO check in the CI
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
…ent method Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
Signed-off-by: Bharadwajshivam28 <[email protected]>
f4b9698
to
6d639d1
Compare
Quality Gate passedIssues Measures |
wantUser string | ||
wantPassword string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you are not asserting these parameters, can you explain why?
k8sClient client.Client | ||
wantUser string | ||
wantPassword string | ||
wantRoundTripper http.RoundTripper |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is the roundtripper asserted?
@Bharadwajshivam28 any updates on this? |
Quality Gate passedIssues Measures |
fixes #3712
Hey @odubajDT @mowies
I have implemented TLS round tripper to handle HTTP request.